From 7d1f55e9d9a4c2d2d136735a07975504b12c1661 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Fri, 10 Sep 2010 14:50:17 +0000 Subject: [PATCH] Add ghash-s390x.pl. --- Configure | 2 +- TABLE | 4 +- crypto/modes/asm/ghash-s390x.pl | 171 ++++++++++++++++++++++++++++++++ 3 files changed, 174 insertions(+), 3 deletions(-) create mode 100644 crypto/modes/asm/ghash-s390x.pl diff --git a/Configure b/Configure index 9203ad283d..53a9ba8d78 100755 --- a/Configure +++ b/Configure @@ -133,7 +133,7 @@ my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a- my $sparcv8_asm=":sparcv8.o:des_enc-sparc.o fcrypt_b.o::::::::::::void"; my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o:::::sha1-alpha.o:::::::ghash-alpha.o:void"; my $mips3_asm=":bn-mips3.o:::::::::::::void"; -my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o::aes_ctr.o aes-s390x.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o::::::void"; +my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o::aes_ctr.o aes-s390x.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o:void"; my $armv4_asm=":bn_asm.o armv4-mont.o::aes_cbc.o aes-armv4.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o:void"; my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o:32"; my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o:64"; diff --git a/TABLE b/TABLE index 4d2ae56017..c9c39979ea 100644 --- a/TABLE +++ b/TABLE @@ -1506,7 +1506,7 @@ $multilib = *** debug-ben-debug $cc = gcc -$cflags = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -DBN_DEBUG -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -g3 -O2 -pipe +$cflags = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -g3 -O2 -pipe $unistd = $thread_cflag = (unknown) $sys_id = @@ -3893,7 +3893,7 @@ $rmd160_obj = $rc5_obj = $wp_obj = $cmll_obj = -$modes_obj = +$modes_obj = ghash-s390x.o $perlasm_scheme = void $dso_scheme = dlfcn $shared_target= linux-shared diff --git a/crypto/modes/asm/ghash-s390x.pl b/crypto/modes/asm/ghash-s390x.pl new file mode 100644 index 0000000000..18135ddb45 --- /dev/null +++ b/crypto/modes/asm/ghash-s390x.pl @@ -0,0 +1,171 @@ +#!/usr/bin/env perl + +# ==================================================================== +# Written by Andy Polyakov for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== + +# September 2010. + +while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} +open STDOUT,">$output"; + +$Zhi="%r0"; +$Zlo="%r1"; + +$Xi="%r2"; # argument block +$Htbl="%r3"; +$inp="%r4"; +$len="%r5"; + +$rem0="%r6"; # variables +$rem1="%r7"; +$nlo="%r8"; +$nhi="%r9"; +$xi="%r10"; +$cnt="%r11"; +$tmp="%r12"; +$x78="%r13"; +$rem_4bit="%r14"; + +$sp="%r15"; + +$code.=<<___; +.text + +.globl gcm_gmult_4bit +.align 32 +gcm_gmult_4bit: + stmg %r6,%r14,48($sp) + + aghi $Xi,-1 + lghi $len,1 + lghi $x78,`0xf<<3` + larl $rem_4bit,rem_4bit + + lg $Zlo,8+1($Xi) # Xi + j .Lgmult_shortcut +.type gcm_gmult_4bit,\@function +.size gcm_gmult_4bit,(.-gcm_gmult_4bit) + +.globl gcm_ghash_4bit +.align 32 +gcm_ghash_4bit: + stmg %r6,%r14,48($sp) + + aghi $Xi,-1 + srlg $len,$len,4 + lghi $x78,`0xf<<3` + larl $rem_4bit,rem_4bit + + lg $Zlo,8+1($Xi) # Xi + lg $Zhi,0+1($Xi) +.Louter: + xg $Zlo,8($inp) # Xi ^= inp + xg $Zhi,0($inp) + stg $Zlo,8+1($Xi) + stg $Zhi,0+1($Xi) + +.Lgmult_shortcut: + lghi $tmp,0xff + srlg $xi,$Zlo,8 # extract first two bytes + lgr $nhi,$Zlo + ngr $xi,$tmp + ngr $nhi,$tmp + + sllg $nlo,$nhi,4 + nill $nhi,0xf0 + nill $nlo,0xf0 + lghi $cnt,14 + + lg $Zlo,8($nlo,$Htbl) + lg $Zhi,0($nlo,$Htbl) + + sllg $nlo,$xi,4 + nill $xi,0xf0 + sllg $rem0,$Zlo,3 + nill $nlo,0xf0 + + srlg $Zlo,$Zlo,4 + ngr $rem0,$x78 + sllg $tmp,$Zhi,60 + xg $Zlo,8($nhi,$Htbl) + srlg $Zhi,$Zhi,4 + xgr $Zlo,$tmp + xg $Zhi,0($nhi,$Htbl) + lgr $nhi,$xi + sllg $rem1,$Zlo,3 + +.Lghash_inner: + srlg $Zlo,$Zlo,4 + ngr $rem1,$x78 + xg $Zlo,8($nlo,$Htbl) + sllg $tmp,$Zhi,60 + xg $Zhi,0($rem0,$rem_4bit) + xgr $Zlo,$tmp + srlg $Zhi,$Zhi,4 + llgc $xi,0($cnt,$Xi) + sllg $rem0,$Zlo,3 + xg $Zhi,0($nlo,$Htbl) + sllg $nlo,$xi,4 + nill $xi,0xf0 + nill $nlo,0xf0 + + srlg $Zlo,$Zlo,4 + ngr $rem0,$x78 + xg $Zlo,8($nhi,$Htbl) + sllg $tmp,$Zhi,60 + xg $Zhi,0($rem1,$rem_4bit) + xgr $Zlo,$tmp + srlg $Zhi,$Zhi,4 + sllg $rem1,$Zlo,3 + xg $Zhi,0($nhi,$Htbl) + lgr $nhi,$xi + brct $cnt,.Lghash_inner + + srlg $Zlo,$Zlo,4 + ngr $rem1,$x78 + xg $Zlo,8($nlo,$Htbl) + sllg $tmp,$Zhi,60 + xg $Zhi,0($rem0,$rem_4bit) + xgr $Zlo,$tmp + srlg $Zhi,$Zhi,4 + sllg $rem0,$Zlo,3 + xg $Zhi,0($nlo,$Htbl) + + srlg $Zlo,$Zlo,4 + ngr $rem0,$x78 + xg $Zhi,0($rem1,$rem_4bit) + sllg $tmp,$Zhi,60 + xg $Zlo,8($nhi,$Htbl) + srlg $Zhi,$Zhi,4 + xgr $Zlo,$tmp + xg $Zhi,0($nhi,$Htbl) + + la $inp,16($inp) + xg $Zhi,0($rem0,$rem_4bit) + brctg $len,.Louter + + stg $Zlo,8+1($Xi) + stg $Zhi,0+1($Xi) + lmg %r6,%r14,48($sp) + br %r14 +.type gcm_ghash_4bit,\@function +.size gcm_ghash_4bit,(.-gcm_ghash_4bit) + +.align 64 +rem_4bit: + .long `0x0000<<16`,0,`0x1C20<<16`,0,`0x3840<<16`,0,`0x2460<<16`,0 + .long `0x7080<<16`,0,`0x6CA0<<16`,0,`0x48C0<<16`,0,`0x54E0<<16`,0 + .long `0xE100<<16`,0,`0xFD20<<16`,0,`0xD940<<16`,0,`0xC560<<16`,0 + .long `0x9180<<16`,0,`0x8DA0<<16`,0,`0xA9C0<<16`,0,`0xB5E0<<16`,0 +.type rem_4bit,\@object +.size rem_4bit,(.-rem_4bit) +.string "GHASH for s390x, CRYPTOGAMS by " +___ + +$code =~ s/\`([^\`]*)\`/eval $1/gem; +print $code; +close STDOUT; -- 2.40.0